In recent years, with digitalization of various kinds of information such as documents, data and so on and development of Internet, E-mails, digital storage media and so on, users have been provided with chances to obtain their desired materials (hereinafter referred to as “digital data”) with more promptitude and ease.
Digital data have a property that they can be easily copied or modified and distributed. This may cause a serious problem of leakage of confidential information owned by enterprises, facilities and so on by illegal copy and distribution of digital data, which may result in weakening of competitiveness of enterprises and nations.
In particular, with recent rapid progress of establishment of LANs (Local Area Networks) or KMSs (Knowledge Management Systems) in enterprises, information and materials of enterprises have been wandered from place to place, which results in easer access to digital data and hence higher possibility of leakage of confidential information of enterprises and facilities.
Accordingly, there has been a keen need for techniques for protection of digital data, and various techniques for protection against illegal distribution and use of digital data have been developed, including, for example, a firewall technique for management of system log-in and blockade of illegal access to systems, a digital rights management (DRM) technique for protection, security and management of digital documents, a technique for restricted use of E-mails, etc.
For the purpose of protection of such digital data, techniques have been developed and spread, which prevent unauthorized consumers or users from illegally copying and distributing decoded data in application programs for processing digital data, which are being distributed via Internet or CDs (Compact discs), and systems for processing digital documents carrying important data related to businesses of enterprises and public institutions. Such techniques check authority of users in digital data input/output programs and prohibit unauthorized users from illegally copying and distributing digital data.
In the meantime, there presently exist a number of compressed file formats (for example, “zip”, “arj”, “rar”, etc.) and application programs (for example, “winzip”, “alzip”, etc.) for creating corresponding compressed files and decompressing the compressed files.
Although such compression application programs have their own cryptosystems to provide functions to allow only users, who know a password, to decompress compressed files, the users who know the password and acquire original source files by decompressing the compressed files may distribute the original source files, which are the object of compression, as they are, instead of the passworded compressed files, which brings shame to the purport of creation of the encrypted compressed files.
Accordingly, compressing resultant files (i.e., original source files) with password, which are made when the compressed files are decompressed, may make the best of the purport of applying password to the compressed files. However, it is a time-consuming and inconvenient task under actual use environments to compress the object files with the password using a cryptosystem of a compression application individually and re-compress the whole of the files. If the number of object files to be compressed is several hundreds or several thousands, in actuality, it is nearly impossible to compress all of the object files with passwords respectively.
Further, speaking critically, although such a task can be performed anyhow, a user who knows a password can decompress all of the object files to acquire original files in the last, and accordingly there still remains a possibility of distribution of the original files by the user who knows the password. In the end, a usual method to apply password to compressed files can not accomplish the object of distributing, opening and reading the compressed files to be protected without leaking original documents within the compressed files.
More specifically, the method of protecting compressed files and original files within the compressed files using only a cryptosystem provided by conventional compression application programs confronts the following problems.
Firstly, in a case where a compressed file should be distributed over a plurality of users, there is an inconvenience in that a password should be known to the plurality of users. In that case, the password must be known to them using pilferable direct contact means such as telephone or E-mail.
Secondly, users who know the password can use corresponding files unconditionally without any limitation to times and period of open and read of the files.
Thirdly, a creator who creates a compressed file can not grasp the history of open and read by users who know the password. Namely, the creator can not know whether or not users who wish to decompress the compressed file access the compressed file.
Fourthly, existing compression application programs do not provide security for files (to be compressed) within the compressed file. To provide the security for the files, there is a need to compress object files along with passwords when the object files are created. In addition, in this case, if passwords of the object files are differently applied, there is an inconvenience in that the passwords should be also individually distributed to users.
Fifthly, there exist methods of deciphering cryptosystem of existing compression application programs.